US blames WannaCry ransomware attack on North Korea
The massive cyberattack hit a third of health trusts in England, causing thousands of medical appointments to be cancelled.
Tuesday 19 December 2017 13:56, UK
The US is publicly blaming North Korea for the WannaCry cyberattack that crippled the NHS and other networks around the world.
Tom Bossert, President Donald Trump's homeland security adviser, said the country was "directly responsible" for the ransomware attack which was "widespread and cost billions".
It comes as Mr Trump unveiled a new US national security strategy to strengthen the country's cyber defence capabilities.
Mr Bossert, writing in the Wall Street Journal, said: "After careful investigation, the US today publicly attributes the massive WannaCry cyberattack to North Korea."
:: North Korea chases Bitcoin to bust sanctions
In October, Home Office minister Ben Wallace said the UK Government believed "quite strongly" that a foreign state was behind the cyberattack and named North Korea.
Pyongyang has also been widely blamed in security circles and Microsoft president Brad Smith pointed the finger at Kim Jong Un's secretive regime.
The attack began on 12 May and is thought to have infected machines at 81 health trusts across England - a third of the 236 overall.
:: North Korea is 'hacking soaring Bitcoin exchanges', say researchers
The Foreign Office's minister for cyber, Lord Ahmad, repeated the NCSC's assessment on Tuesday and said: "We condemn these actions and commit ourselves to working with all responsible states to combat destructive criminal use of cyber space.
"The indiscriminate use of the WannaCry ransomware demonstrates North Korean actors using their cyber programme to circumvent sanctions."
"International law applies online as it does offline. The United Kingdom is determined to identify, pursue and respond to malicious cyber activity regardless of where it originates, imposing costs on those who wish to attack us in cyberspace."
Computers at almost 600 GP surgeries were also impacted, according to a National Audit Office (NAO) report in October.
The report found that almost 19,500 medical appoints, including 139 potential cancer referrals, were thought to have been cancelled.
Five hospitals were forced to divert ambulances away after being locked out of computers.
However, the report found the attack could have been prevented if "basic IT security" measures had been taken.
Infected machines were running computer operating systems - mostly Windows 7 - that had not been updated to secure them against cyberattacks.
Mr Wallace suggested the attack could have been an attempt by North Korea to access foreign funds.